INN commit: trunk (backends/actsync.c doc/pod/actsync.pod)
davidsen at tmr.com
Thu Aug 9 15:02:02 UTC 2007
Julien ÉLIE wrote:
> En réponse à Russ Allbery :
>>> + /* prepare the w_string parameter for ctlinnd time out
>>> + (+3 for '-t ' and +1 for '\0') */
>>> + w_size = snprintf(w_string, 0, "%d", w_flag) + 4;
>>> + w_string = xmalloc(w_size);
>>> + snprintf(w_string, w_size, "-t %d", w_flag);
>> In CURRENT, you can just use asprintf.
> All right. I have just changed actsync to use asprintf.
>> (There are still a lot of
>> instances of this construct around that need to be converted to use
>> asprintf instead.)
> I have changed /some/ of these instances. The remaining instances
> need some more work since addresses and length are sum or differences.
> The one in innfeed/imap_connection.c (using length = 7 + 50 + 20)
> was weird (there is no comment about why that sum).
I would not be surprised if some snprintf calls should not be converted.
Not all instances are intended to prevent overflow, some are useful to
limit the length of a string for other reasons. Producing human readable
logs or whatever. Automatic allocation is neat, but every path must free
the string, and format elements may need to be limited in length to
avoid unwanted arbitrarily long results.
PITA for you, you need to decide in every case if a very long string
could happen and what it would impact to have such a thing.
bill davidsen <davidsen at tmr.com>
CTO TMR Associates, Inc
Doing interesting things with small computers since 1979
More information about the inn-workers